Password strength checkers that take into account Moore's Law? [closed]

Question

As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.

Closed 8 years ago.

I was going about doing my annual password change on my accounts and tried various sites (microsoft, lastpass, etc) to try out hypothetical passwords. Some sites seem a bit more thorough than other sites in their evaluation of password strength but this made me wonder if any of the sites take into account Moores law. That is, one hears about how "it would take 130,000 years to crack X password" but does that take into account that computers double in speed about every two years?

I'd be really curious to see if these sites take this into account, or if there any sites that someone can suggest that do?

Answer 1

None of these calculations really take into account mores law. But let's see if we can show why we don't have to:

Moore's law states that processing power will double every 18 months (not quite, but good enough for our purposes).

So that means what's 130k years today, will be 65k years in 18 months. And 32.5k in 36 months, and so on, and so on.

We can come up with an equation for that!

cost-at-time = cost-today * 0.5 ^ (months / 18)

So plugging in cost today, we can see this nice pretty graph (x is years):

y = 130000 * .5 ^ (x / 1.5)

So, let's see what our cost will be for our 130k year password, in 50 years:

y = 130000 * .5 ^ (50 / 1.5)
y = 130000 * .5 ^ 33.3333
y = 0.000012 years (~6.3 minutes)

That's pretty fast!

How about 10 years?

y = 130000 * .5 ^ (10 / 1.5)
y = 130000 * .5 ^ 15
y = 1279 years

That's still quite strong...

However. It also misses the point of tunable algorithms like bcrypt and scrypt which are designed to be able to defeat Moore's law.

So if you use bcrypt, scrypt or PBKDF2, and keep tuning the cost so that it runs in a constant time, your password that takes 130k years today to crack (estimated), will still take 130k years to crack in 50 years.

Now, of course that doesn't solve the case where an attacker steals the password hash today, and spends the next 50 years attacking it... But I have to ask, what is your password protecting that a crypto-nerd will spend the next 50 years trying to attack it?

via XKCD